oss-sec mailing list archives
Re: CVE-2009-1883 kernel: missing capability check in z90crypt
From: Eugene Teo <eugeneteo () kernel sg>
Date: Tue, 15 Sep 2009 09:56:44 +0800
Eugene Teo wrote:
There is a missing capability check in the z90crypt driver in the Linux kernel. This missing check could allow a local, unprivileged user to bypass intended capability restrictions. Thanks to Solar Designer for reporting this issue to us.Note that this does not affect upstream anymore.
Reference: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1883 Thanks, Eugene
Current thread:
- CVE-2009-1883 kernel: missing capability check in z90crypt Eugene Teo (Sep 14)
- Re: CVE-2009-1883 kernel: missing capability check in z90crypt Eugene Teo (Sep 14)
- Re: CVE-2009-1883 kernel: missing capability check in z90crypt Solar Designer (Sep 14)
- Re: CVE-2009-1883 kernel: missing capability check in z90crypt Eugene Teo (Sep 14)